ltm global-settings connection

ltm global-settings connection(1)			BIG-IP TMSH Manual			 ltm global-settings connection(1)

NAME
       connection - Configures the global settings that pertain to connections for the BIG-IP(r) and VIPRION(r) local traffic
       management systems.

MODULE
       ltm global-settings

SYNTAX
       Configure the connection component within the ltm global-settings module using the syntax shown in the following sections.

   MODIFY
	modify connection
	  options:
	    adaptive-reaper-hiwater [integer]
	    adaptive-reaper-lowater [integer]
	    auto-last-hop [disabled | enabled]
	    default-vs-syn-challenge-threshold [infinite | integer]
	    global-flow-eviction-policy [name]
	    global-syn-challenge-threshold [infinite | integer]
	    syncookies-threshold [integer]
	    vlan-keyed-conn [disabled | enabled]
	    vlan-syn-cookie [disabled | enabled]

   DISPLAY
	list connection
	list connection [option name]
	show running-config connection
	show running-config connection [option name]
	  options:
	    all-properties
	    non-default-properties
	    one-line

DESCRIPTION
       You can use the connection component to modify how the system processes connections.

EXAMPLES
       modify connection auto-last-hop disabled
	    Specifies that the system does not automatically map the last hop for pools.

       list connection
	    Displays the global settings for how the system processes connections.

OPTIONS
       adaptive-reaper-hiwater
	    *IMPORTANT* This command has been deprecated (as of 11.6.0). Please use ltm eviction-policy instead.  Specifies, in a
	    percentage, the memory usage at which the system stops establishing new connections. Once the system meets the reaper
	    high-water mark, the system does not establish new connections until the memory usage drops below the reaper low-water
	    mark. The adaptive reaper settings help mitigate the effects of a denial-of-service attack.

	    The available range is 85 - 100. The default value is 95. To disable the adaptive reaper, set the high-water mark to
	    100.

       adaptive-reaper-lowater
	    *IMPORTANT* This command has been deprecated (as of 11.6.0). Please use ltm eviction-policy instead.  Specifies, in
	    percent, the memory usage at which the system silently purges stale connections, without sending reset packets (RST)
	    to the client. If the memory usage remains above the low-water mark after the purge, then the system starts purging
	    established connections closest to their service timeout.

	    The available range is 70 - 100. The default value is 85. To disable the adaptive reaper, set the low-water mark to
	    100.

       auto-last-hop
	    Specifies that the system automatically maps the last hop for pools. The default value is enabled.

       default-vs-syn-challenge-threshold
	    Specifies the default value of per-virtual server SYN Cookie activation threshold per chassis. The default value is
	    infinite. The valid range is 128 - 1024K or infinite (encoded as 0).

       global-flow-eviction-policy
	    Specifies the flow eviction policy to use when approaching memory usage limits. The settings in the policy determine
	    the adaptive reaper high and low water marks, and help determine which client connections to terminate when memory
	    limits have exceeded the "low-water" threshold in the eviction policy. The settings help mitigate the effects of a
	    denial-of-service attack.

       global-syn-challenge-threshold
	    Specifies the default value of the global SYN Cookie activation threshold per TMM. The default value is 64K. The valid
	    range is 2048 - 4096K or infinite (encoded as 0).

       syncookies-threshold
	    This option is deprecated in version 13.0.0 and is replaced by default-vs-syn-challenge-threshold.	Specifies the
	    number of new or untrusted TCP connections that can be established before the system activates the SYN Cookies
	    authentication method for subsequent TCP connections. The default value is 16384.

       vlan-keyed-conn
	    Enables or disables VLAN-keyed connections. You use VLAN-keyed connections when traffic for the same connection must
	    pass through the system several times, on multiple pairs of VLANs (or in different VLAN groups). The default value is
	    enabled.

       vlan-syn-cookie
	    Enables or disables the hardware per-VLAN SYN cookie protection on platforms with supported firmware.  The default
	    value is enabled.

SEE ALSO
       list, ltm node, modify, show, tmsh

COPYRIGHT
       No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
       photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal
       use, without the express written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 2009-2010, 2013, 2016. All rights reserved.

BIG-IP							    2016-09-06				 ltm global-settings connection(1)